Don't allow immediate interrupts during authentication anymore.
We used to handle authentication_timeout by setting
ImmediateInterruptOK to true during large parts of the authentication
phase of a new connection. While that happens to work acceptably in
practice, it's not particularly nice and has ugly corner cases.
Previous commits converted the FE/BE communication to use latches and
implemented support for interrupt handling during both
send/recv. Building on top of that work we can get rid of
ImmediateInterruptOK during authentication, by immediately treating
timeouts during authentication as a reason to die. As die interrupts
are handled immediately during client communication that provides a
sensibly quick reaction time to authentication timeout.
Additionally add a few CHECK_FOR_INTERRUPTS() to some more complex
authentication methods. More could be added, but this already should
provides a reasonable coverage.
While it this overall increases the maximum time till a timeout is
reacted to, it greatly reduces complexity and increases
reliability. That seems like a overall win. If the increase proves to
be noticeable we can deal with those cases by moving to nonblocking
network code and add interrupt checking there.
Reviewed-By: Heikki Linnakangas
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/6647248e3708843be93c7ca670cd219fe8e61026
Modified Files
--------------
src/backend/libpq/auth.c | 30 ++++++++++++++++++++----------
src/backend/libpq/be-secure-openssl.c | 5 +++++
src/backend/libpq/crypt.c | 10 ----------
src/backend/tcop/postgres.c | 17 +++++------------
src/backend/utils/init/postinit.c | 16 +++++++++++-----
5 files changed, 41 insertions(+), 37 deletions(-)